diff --git a/src/Controller/HistoryController.php b/src/Controller/HistoryController.php index 26145c8..c14be55 100644 --- a/src/Controller/HistoryController.php +++ b/src/Controller/HistoryController.php @@ -3,6 +3,7 @@ namespace App\Controller; use App\Entity\Snip; +use App\Security\Voter\SnipVoter; use App\Service\SnipServiceFactory; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\Response; @@ -20,6 +21,8 @@ class HistoryController extends AbstractController #[Route('/', name: '_index')] public function index(Snip $snip): Response { + $this->denyAccessUnlessGranted(SnipVoter::EDIT, $snip); + return $this->render('history/index.html.twig', [ 'snip' => $snip, 'commits' => $this->snipServiceFactory->create($snip)->getRepo()->getAllCommits(), @@ -29,6 +32,8 @@ class HistoryController extends AbstractController #[Route('/set/{commit}', name: '_set')] public function set(Snip $snip, string $commit): Response { + $this->denyAccessUnlessGranted(SnipVoter::EDIT, $snip); + $this->snipServiceFactory->create($snip)->getRepo()->checkout($commit); $this->addFlash('success', 'Snip version set to ' . $commit); return $this->redirectToRoute('snip_single', ['snip' => $snip->getId()]); diff --git a/templates/history/index.html.twig b/templates/history/index.html.twig index 28cee93..c21d130 100644 --- a/templates/history/index.html.twig +++ b/templates/history/index.html.twig @@ -6,9 +6,10 @@ Back - - Reset to latest + + Master +

{% for commit in commits %}